Sherman's Security Blog
I am Sherman Hand. (also known as Policysup) I have created this blog and will use a part of my day to write about what is going on in the world. I hope to discuss things in a down to earth and practical way. I hope to hear back from you on your thoughts. I do not in any way intend to speak for my employer. The content of this blog will be either opinions that are strictly mine, general observations,re posts, or information that is already in the public domain.

Indiana’s St. Vincent Indianapolis Hospital recently began notifying approximately 1,100 patients that their personal information may have been exposed when a laptop connected to an EEG machine was stolen from the hospital on December 22, 2013 (h/t SC Magazine).

The laptop, which was password-protected but not encrypted, contained patients’ names, birthdates, genders, dates of service, types of service and physician names.

No financial information or Social Security numbers were on the laptop.

“After a thorough assessment, there is no indication that the theft was related to patients’ personal health information, and hospital officials believe patients are at low risk of identity theft,” the hospital said in a statement [PDF]. “In addition, St. Vincent is taking precautionary steps to avoid future incidents, and is evaluating its medical devices and installing encryption protection software as appropriate. Also, the hospital is working to enhance its physical security measures.”

While no credit monitoring services are being offered to those affected, all recipients of the notification letter are being advised to review their credit reports for suspicious activity.

So if your in business or even in your personal life, laptop encryption is a must.